adding logs for debugging

codecov · May 2, 2024 · 087f522 · 087f522
1 parent 8a02e67
commit 087f522
Show file tree

Hide file tree

Showing 2 changed files with 72 additions and 1 deletion.
diff --git a/codecov_auth/authentication/repo_auth.py b/codecov_auth/authentication/repo_auth.py
@@ -1,3 +1,4 @@
+import logging
 import re
 from datetime import datetime
 from typing import List
@@ -28,6 +29,8 @@
 from upload.views.helpers import get_repository_from_string
 from utils import is_uuid
 
+log = logging.getLogger(__name__)
+
 
 def repo_auth_custom_exception_handler(exc, context):
  """
@@ -230,13 +233,38 @@ def authenticate_credentials(self, key):
 
 class GitHubOIDCTokenAuthentication(authentication.TokenAuthentication):
  def authenticate_credentials(self, token):
+ log.debug(
+ "In GitHubOIDCTokenAuthentication 1",
+ extra=dict(
+ token_slice=str(token)[39:49] if token else None,
+ ),
+ )
  if not token or is_uuid(token):
+ log.debug(
+ "In GitHubOIDCTokenAuthentication 2",
+ extra=dict(
+ token_slice=str(token)[39:49] if token else None,
+ is_uuid=is_uuid(token),
+ ),
+ )
  return None # continue to next auth class
  try:
  repository = get_repo_with_github_actions_oidc_token(token)
- except (ObjectDoesNotExist, PyJWTError):
+ except (ObjectDoesNotExist, PyJWTError) as e:
+ log.debug(
+ "In GitHubOIDCTokenAuthentication 10",
+ extra=dict(
+ token_slice=str(token)[39:49],
+ error_message=f"{e}",
+ ),
+ )
  return None # continue to next auth class
 
+ log.debug(
+ "In GitHubOIDCTokenAuthentication Success",
+ extra=dict(token_slice=str(token)[39:49], repository=str(repository)),
+ )
+
  return (
  RepositoryAsUser(repository),
  OIDCTokenRepositoryAuth(repository, {"token": token}),

diff --git a/upload/helpers.py b/upload/helpers.py
@@ -225,13 +225,36 @@ def parse_params(data):
 def get_repo_with_github_actions_oidc_token(token):
  unverified_contents = jwt.decode(token, options={"verify_signature": False})
  token_issuer = str(unverified_contents.get("iss"))
+ log.debug(
+ "In GitHubOIDCTokenAuthentication 3",
+ extra=dict(
+ token_slice=str(token)[39:49],
+ unverified_contents=unverified_contents,
+ token_issuer=token_issuer,
+ ),
+ )
  if token_issuer == "https://token.actions.githubusercontent.com":
  service = "github"
  jwks_url = "https://token.actions.githubusercontent.com/.well-known/jwks"
+ log.debug(
+ "In GitHubOIDCTokenAuthentication 4",
+ extra=dict(
+ token_slice=str(token)[39:49],
+ token_issuer=token_issuer,
+ service=service,
+ jwks_url=jwks_url,
+ ),
+ )
  else:
  service = "github_enterprise"
  github_enterprise_url = get_config("github_enterprise", "url")
  jwks_url = f"{github_enterprise_url}/_services/token/.well-known/jwks"
+ log.debug(
+ "In GitHubOIDCTokenAuthentication 5",
+ extra=dict(
+ token_slice=str(token)[39:49], service=service, jwks_url=jwks_url
+ ),
+ )
  jwks_client = PyJWKClient(jwks_url)
  signing_key = jwks_client.get_signing_key_from_jwt(token)
  data = jwt.decode(
@@ -241,11 +264,31 @@ def get_repo_with_github_actions_oidc_token(token):
  audience=[settings.CODECOV_API_URL],
  )
  repo = str(data.get("repository")).split("/")[-1]
+ log.debug(
+ "In GitHubOIDCTokenAuthentication 6",
+ extra=dict(
+ token_slice=str(token)[39:49],
+ signing_key=signing_key,
+ decoded_token=data,
+ repo=repo,
+ ),
+ )
  repository = Repository.objects.get(
  author__service=service,
  name=repo,
  author__username=data.get("repository_owner"),
  )
+ log.debug(
+ "In GitHubOIDCTokenAuthentication 7",
+ extra=dict(
+ token_slice=str(token)[39:49],
+ author__service=service,
+ repo=repo,
+ author__username=data.get("repository_owner"),
+ repoid=repository.repoid,
+ repo_obj=str(repository),
+ ),
+ )
  return repository